Systems And Methods For Managing Cryptographic Keys - Patent 8135134

Document Sample
Systems And Methods For Managing Cryptographic Keys - Patent 8135134 Powered By Docstoc
Description: FIELD OF THEINVENTION The present invention relates in general to a system for securing data from unauthorized access or use. More particularly, the present invention relates to a common interface for supporting cryptographic keys.BACKGROUND OF THE INVENTION In today's society, individuals and businesses conduct an ever-increasing amount of activities on and over computer systems. These computer systems, including proprietary and non-proprietary computer networks, are often storing, archiving, andtransmitting all types of sensitive information. Thus, an ever-increasing need exists for ensuring data stored and transmitted over these systems cannot be read or otherwise compromised. One common solution for securing computer systems is to provide login and password functionality. However, password management has proven to be quite costly with a large percentage of help desk calls relating to password issues. Moreover,passwords provide little security in that they are generally stored in a file susceptible to inappropriate access, through, for example, brute-force attacks. Another solution for securing computer systems is to provide cryptographic infrastructures. Cryptography, in general, refers to protecting data by transforming, or encrypting, it into an unreadable format. Only those who possess the key(s) tothe encryption can decrypt the data into a useable format. Cryptography is used to identify users, e.g., authentication, to allow access privileges, e.g., authorization, to create digital certificates and signatures, and the like. One popularcryptography system is a public key system that uses two keys, a public key known to everyone and a private key known only to the individual or business owner thereof. Generally, the data encrypted with one key is decrypted with the other and neitherkey is recreatable from the other. Unfortunately, even the foregoing typical public-key cryptographic systems are still highly reliant on the user for security. For examp